Skip to content

Commit 25920ce

Browse files
SeeroySeeroy
committed
1.0.1 Auth fix!
1 parent 29c2efc commit 25920ce

10 files changed

Lines changed: 58 additions & 38 deletions

File tree

app.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ global.currentFileWritingsText = [];
135135
global.ftpserver;
136136

137137
// Kubek version
138-
global.version = "v2.0";
138+
global.version = "v2.0.1";
139139

140140
app.use(fileUpload());
141141
app.use(cookieParser());

my_modules/auth_manager.js

Lines changed: 22 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ exports.addNewUser = (password, login, permissions, mail) => {
5656
if (cfg.auth == false) {
5757
success = "Auth is disabled";
5858
} else {
59-
if(Object.keys(users).length >= 6){
59+
if (Object.keys(users).length >= 6) {
6060
success = "Users count is limited to 5 users";
6161
} else {
6262
if (mail == null || typeof mail == "undefined" || mail.match(EMAIL_REGEX)) {
@@ -206,16 +206,31 @@ exports.editUser = (login, permissions, mail) => {
206206
return success;
207207
}
208208

209-
exports.getUserPermissions = (hash, login) => {
210-
auth = this.authorize(hash, login);
211-
if (auth == true) {
212-
if (typeof usersConfig[login] !== "undefined" && typeof usersConfig[login].permissions !== "undefined") {
213-
return usersConfig[login].permissions;
209+
exports.getUserPermissions = (req) => {
210+
cfggg = config.readConfig();
211+
if (cfggg.auth == true) {
212+
hash = req.cookies["kbk__hash"];
213+
login = req.cookies["kbk__login"];
214+
215+
auth = this.authorize(hash, login);
216+
if (auth == true && typeof login !== "undefined" && typeof hash !== "undefined" && login.length > 0 && hash.length > 0) {
217+
if (typeof usersConfig[login] !== "undefined" && typeof usersConfig[login].permissions !== "undefined") {
218+
return usersConfig[login].permissions;
219+
} else {
220+
return false;
221+
}
214222
} else {
215223
return false;
216224
}
217225
} else {
218-
return false;
226+
arr = [
227+
"console",
228+
"plugins",
229+
"filemanager",
230+
"server_settings",
231+
"kubek_settings"
232+
];
233+
return arr;
219234
}
220235
}
221236

my_modules/statistics.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,14 +7,14 @@ var config = require('./config');
77

88
exports.supportUID = () => {
99
cp_unq = os.cpus();
10-
uniqueid_unq = os.version + "850_" + cp_unq[0].model + cp_unq[1].speed + Math.round(os.totalmem() / 1024 / 1024);
10+
uniqueid_unq = os.version + "850_" + cp_unq[0].model + cp_unq[0].speed + Math.round(os.totalmem() / 1024 / 1024);
1111
uniqueid_unq = MD5(uniqueid_unq).toString();
1212
return uniqueid_unq;
1313
}
1414

1515
exports.collectStats = (cfg, version, cb) => {
1616
cp_unq = os.cpus();
17-
uniqueid_unq = os.version + "850_" + cp_unq[0].model + cp_unq[1].speed + Math.round(os.totalmem() / 1024 / 1024);
17+
uniqueid_unq = os.version + "850_" + cp_unq[0].model + cp_unq[0].speed + Math.round(os.totalmem() / 1024 / 1024);
1818
uniqueid_unq = MD5(uniqueid_unq).toString();
1919

2020
cfgs = config.readServersJSON();

routers/auth.js

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -54,18 +54,23 @@ router.get('/login', function (req, res) {
5454
});
5555

5656
router.get('/permissions', function (req, res) {
57-
login = req.cookies['kbk__login'];
58-
hash = req.cookies['kbk__hash'];
59-
if (typeof login !== "undefined" && typeof hash !== "undefined" && login.length > 0 && hash.length > 0) {
60-
perms = auth_manager.getUserPermissions(hash, login);
57+
cfg = config.readConfig();
58+
if (cfg['auth'] == true) {
59+
perms = auth_manager.getUserPermissions(req);
6160
res.send(perms);
6261
} else {
63-
res.send(false);
62+
res.send([
63+
"console",
64+
"plugins",
65+
"filemanager",
66+
"server_settings",
67+
"kubek_settings"
68+
]);
6469
}
6570
});
6671

6772
router.get('/listUsers', function (req, res) {
68-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
73+
perms = auth_manager.getUserPermissions(req);
6974
if (perms.includes(ACCESS_PERMISSION)) {
7075
users = config.readUsersConfig();
7176
res.send(users);
@@ -75,7 +80,7 @@ router.get('/listUsers', function (req, res) {
7580
});
7681

7782
router.get('/getUserInfo', function (req, res) {
78-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
83+
perms = auth_manager.getUserPermissions(req);
7984
if (perms.includes(ACCESS_PERMISSION)) {
8085
users = config.readUsersConfig();
8186
username = req.query.username;
@@ -91,7 +96,7 @@ router.get('/getUserInfo', function (req, res) {
9196
});
9297

9398
router.get('/newUser', function (req, res) {
94-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
99+
perms = auth_manager.getUserPermissions(req);
95100
if (perms.includes(ACCESS_PERMISSION)) {
96101
result = false;
97102
login = req.query.login;
@@ -126,7 +131,7 @@ router.get('/logout', function (req, res) {
126131
});
127132

128133
router.get('/editUser', function (req, res) {
129-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
134+
perms = auth_manager.getUserPermissions(req);
130135
if (perms.includes(ACCESS_PERMISSION)) {
131136
result = false;
132137
login = req.query.login;
@@ -145,7 +150,7 @@ router.get('/editUser', function (req, res) {
145150
});
146151

147152
router.get('/changeAdminPass', function (req, res) {
148-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
153+
perms = auth_manager.getUserPermissions(req);
149154
if (perms.includes(ACCESS_PERMISSION)) {
150155
result = false;
151156
oldPass = req.query.oldPass;
@@ -162,7 +167,7 @@ router.get('/changeAdminPass', function (req, res) {
162167
});
163168

164169
router.get('/deleteUser', function (req, res) {
165-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
170+
perms = auth_manager.getUserPermissions(req);
166171
if (perms.includes(ACCESS_PERMISSION)) {
167172
result = false;
168173
login = req.query.login;
@@ -178,7 +183,7 @@ router.get('/deleteUser', function (req, res) {
178183
});
179184

180185
router.get('/regenUserHash', function (req, res) {
181-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
186+
perms = auth_manager.getUserPermissions(req);
182187
if (perms.includes(ACCESS_PERMISSION)) {
183188
result = false;
184189
login = req.query.login;

routers/fmapi.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ router.use(function (req, res, next) {
1717
res.send("Cannot be accessed from the internet");
1818
} else {
1919
authsucc = auth_manager.authorize(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
20-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
20+
perms = auth_manager.getUserPermissions(req);
2121
if (authsucc == true && perms.includes(ACCESS_PERMISSION)) {
2222
next();
2323
} else {

routers/forgeInstaller.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ router.use(function (req, res, next) {
2121
res.send("Cannot be accessed from the internet");
2222
} else {
2323
authsucc = auth_manager.authorize(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
24-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
24+
perms = auth_manager.getUserPermissions(req);
2525
if (authsucc == true && perms.includes(ACCESS_PERMISSION)) {
2626
next();
2727
} else {

routers/kubek.js

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ router.get('/translate', function (req, res) {
9292
});
9393

9494
router.get('/setFTPDStatus', function (req, res) {
95-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
95+
perms = auth_manager.getUserPermissions(req);
9696
if (perms.includes(ACCESS_PERMISSION)) {
9797
ftpd.stopFTPD();
9898
setTimeout(function () {
@@ -131,7 +131,7 @@ router.get('/support-uid', function (req, res) {
131131
});
132132

133133
router.get('/config', function (req, res) {
134-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
134+
perms = auth_manager.getUserPermissions(req);
135135
if (perms.includes(ACCESS_PERMISSION)) {
136136
res.send(config.readConfig());
137137
} else {
@@ -146,7 +146,7 @@ router.get('/usage', function (req, res) {
146146
});
147147

148148
router.get('/saveConfig', function (req, res) {
149-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
149+
perms = auth_manager.getUserPermissions(req);
150150
if (perms.includes(ACCESS_PERMISSION)) {
151151
if (req.query.data != null && typeof req.query.data !== "undefined") {
152152
fs.writeFileSync("./config.json", req.query.data);

routers/plugins.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ router.use(function (req, res, next) {
1717
res.send("Cannot be accessed from the internet");
1818
} else {
1919
authsucc = auth_manager.authorize(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
20-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
20+
perms = auth_manager.getUserPermissions(req);
2121
if (perms.includes(ACCESS_PERMISSION)) {
2222
next();
2323
} else {

routers/server.js

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ router.get('/statuses', function (req, res) {
8888
});
8989

9090
router.get('/getStartScript', function (req, res) {
91-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
91+
perms = auth_manager.getUserPermissions(req);
9292
if (perms.includes(ACCESS_PERMISSION)) {
9393
if (typeof (configjson[req.query.server]) !== 'undefined') {
9494
res.send(serverController.getStartScript(req.query.server));
@@ -101,7 +101,7 @@ router.get('/getStartScript', function (req, res) {
101101
});
102102

103103
router.get('/saveStartScript', (req, res) => {
104-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
104+
perms = auth_manager.getUserPermissions(req);
105105
if (perms.includes(ACCESS_PERMISSION)) {
106106
if (typeof (configjson[req.query.server]) !== 'undefined') {
107107
res.send(serverController.saveStartScript(req.query.server, req.query.script, req.query.resonerr));
@@ -114,7 +114,7 @@ router.get('/saveStartScript', (req, res) => {
114114
});
115115

116116
router.get('/getServerPropertiesFile', function (req, res) {
117-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
117+
perms = auth_manager.getUserPermissions(req);
118118
if (perms.includes(ACCESS_PERMISSION)) {
119119
if (typeof (configjson[req.query.server]) !== 'undefined') {
120120
res.set('Content-Type', 'application/json');
@@ -128,7 +128,7 @@ router.get('/getServerPropertiesFile', function (req, res) {
128128
});
129129

130130
router.get('/saveServerPropertiesFile', function (req, res) {
131-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
131+
perms = auth_manager.getUserPermissions(req);
132132
if (perms.includes(ACCESS_PERMISSION)) {
133133
if (typeof (configjson[req.query.server]) !== 'undefined') {
134134
res.send(serverController.saveServerProperties(req.query.server, req.query.doc));
@@ -141,7 +141,7 @@ router.get('/saveServerPropertiesFile', function (req, res) {
141141
});
142142

143143
router.get('/log', function (req, res) {
144-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
144+
perms = auth_manager.getUserPermissions(req);
145145
if (perms.includes(ACCESS_PERMISSION_2)) {
146146
if (typeof (configjson[req.query.server]) !== 'undefined') {
147147
spl = servers_logs[req.query.server].split(/\r?\n/).slice(-100);
@@ -155,7 +155,7 @@ router.get('/log', function (req, res) {
155155
});
156156

157157
router.get('/delete', function (req, res) {
158-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
158+
perms = auth_manager.getUserPermissions(req);
159159
if (perms.includes(ACCESS_PERMISSION)) {
160160
if (typeof (configjson[req.query.server]) !== 'undefined') {
161161
delete configjson[req.query.server];

routers/upload.js

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ router.use(function (req, res, next) {
2828
});
2929

3030
router.post('/icon', function (req, res) {
31-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
31+
perms = auth_manager.getUserPermissions(req);
3232
if (perms.includes(ACCESS_PERMISSION)) {
3333
let sampleFile;
3434
let uploadPath;
@@ -83,7 +83,7 @@ router.post('/core', function (req, res) {
8383
});
8484

8585
router.post('/plugin', function (req, res) {
86-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
86+
perms = auth_manager.getUserPermissions(req);
8787
if (perms.includes(ACCESS_PERMISSION_2)) {
8888
if (!fs.existsSync("./servers/" + req.query["server"] + "/plugins")) {
8989
fs.mkdirSync("./servers/" + req.query["server"] + "/plugins");
@@ -114,7 +114,7 @@ router.post('/plugin', function (req, res) {
114114
});
115115

116116
router.post('/mod', function (req, res) {
117-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
117+
perms = auth_manager.getUserPermissions(req);
118118
if (perms.includes(ACCESS_PERMISSION_2)) {
119119
if (!fs.existsSync("./servers/" + req.query["server"] + "/mods")) {
120120
fs.mkdirSync("./servers/" + req.query["server"] + "/mods");
@@ -145,7 +145,7 @@ router.post('/mod', function (req, res) {
145145
});
146146

147147
router.post('/file', (request, response) => {
148-
perms = auth_manager.getUserPermissions(req.cookies["kbk__hash"], req.cookies["kbk__login"]);
148+
perms = auth_manager.getUserPermissions(req);
149149
if (perms.includes(ACCESS_PERMISSION_3)) {
150150
let sampleFile;
151151
let uploadPath;

0 commit comments

Comments
 (0)